Technology

Being with the "best of the best" as a YC Top Company

Mar 3, 2023 By Michelle McLean In Salt Security

Salt has long benefited from the unique support that comes from being part of the Y Combinator accelerator program (Salt was in the Winter 2016 batch), and all these years later, we’re thrilled to have been named to not one but two of YC’s Top Company lists – the Top Private YC companies 2023 and the YC Breakthrough Companies 2023. For the Top Private list, it’s deja vu all over again, since we made that list last year as well.

Read Post

Salt Security

Read more about Being with the "best of the best" as a YC Top Company

Securing Your Amazon S3 Buckets

Mar 3, 2023 By Farrah Gamboa In Netwrix

Amazon Web Services (AWS) is the world’s largest cloud provider, with well over a million active users. The popularity of AWS makes it one of the biggest targets for cybercriminals — and one of the leading contributors to breaches is incorrectly configured Amazon S3 buckets. For example, an insecure bucket led to the unauthorized access of 23 million documents and 6.5 TB of data belonging to Pegasus Airlines.

Read Post

Netwrix

Read more about Securing Your Amazon S3 Buckets

Cloud Threats Memo: Multiple Different Cloud Apps Abused in a Single Cyber Espionage Campaign

Mar 3, 2023 By Paolo Passeri In Netskope

Threat actors continue to exploit cloud services for cyber espionage, and a new campaign by a threat cluster named WIP26, discovered recently by researchers at Sentinel One in collaboration with QGroup, targeting telecommunication providers in the Middle East, confirms this trend.

Read Post

Netskope

Read more about Cloud Threats Memo: Multiple Different Cloud Apps Abused in a Single Cyber Espionage Campaign

API Security 101: Understanding the Risks and Implementing Best Practices

Mar 3, 2023 By Vinugayathri Chinnasamy In Indusface

API security is the process of effectively securing APIs owned by the organization and external APIs used by implementing API-specific security strategies. It secures API vulnerabilities and misconfigurations and prevents their exploitation by attackers. It mitigates a wide range of API security threats and helps effectively manage risks associated with APIs.

Read Post

Indusface

Read more about API Security 101: Understanding the Risks and Implementing Best Practices

OAuth security gaps at Booking.com (now remediated)

Mar 2, 2023 By Salt Security In Salt Security

This short video explains how Salt Labs researchers identified several critical security flaws on the popular travel site Booking.com. The flaws were found in the site's authentication functionality and could have allowed a malicious attacker to take over user accounts, access profile information, and take actions on behalf of the user such as booking or canceling reservations and ordering transportation services.

View Video

Salt Security

Read more about OAuth security gaps at Booking.com (now remediated)

Traveling with OAuth - Account Takeover on Booking.com

Mar 2, 2023 By Aviad Carmel In Salt Security

OAuth (Open Authorization) is a modern, open authorization standard designed to allow cross-application access delegation – for example, allowing your application to read data from your Facebook profile. Combined with the proper extensions, OAuth can also be used for authentication – for example, to log into your application using Google credentials. Since its first introduction in 2006, OAuth has gained tremendous popularity.

Read Post

Salt Security

Read more about Traveling with OAuth - Account Takeover on Booking.com

Using ChatGPT to Improve Your Cybersecurity Posture

Mar 2, 2023 By Edward Kost In UpGuard

On November 30, 2022, ChatGPT quaked the digital world, sending a tremor that even rattled the cybersecurity industry. Instead of responding in panic, a more sensible approach is to begin learning how to leverage the technology to streamline your workflow and optimize your skills. In this post, we explain how ChatGPT can be used to improve your cybersecurity posture and data breach resilience.

Read Post

UpGuard

Read more about Using ChatGPT to Improve Your Cybersecurity Posture

How Advanced Technology Can Help Detect Indecent Images Online

Mar 1, 2023 By SecuritySenses In SecuritySenses

In 2023, technology has a hand in almost every aspect of our lives, and is vital in helping to tackle a number of forms of cybercrime. In this article, we're looking at how advanced technology can help to detect indecent images online.

Read Post

SecuritySenses

Read more about How Advanced Technology Can Help Detect Indecent Images Online

EP 22 - Deep Fakes, ChatGPT and Disinformation: Theresa Payton on Evolving Digital Threats (Part 2)

Mar 1, 2023 By CyberArk In CyberArk

Today’s episode is part two of our conversation with former White House CIO, bestselling author and founder and CEO of Fortalice Solutions, Theresa Payton. If you missed part one, you can start here and go back to that episode. Or, you can start there and come back to this one – but you’re already here, so maybe just stick around?

Read Post

CyberArk

Read more about EP 22 - Deep Fakes, ChatGPT and Disinformation: Theresa Payton on Evolving Digital Threats (Part 2)

Keep Your Data Protected from Adversarial States and Governments

Mar 1, 2023 By Lookout In Lookout

Lookout Mobile Endpoint Security allows organizations to protect data and government agencies to comply with state and federal government mandates, such as OMB M-23-13, banning the use of TikTok on devices.

View Video